Monetizing vulnerabilities

The phrase “Knowledge is power” has never before become so clear and scary. Knowledge that is kept secret can be even more dangerous. Dangerous for U.S. citizens, their privacy while browsing on the internet, people overseas, and all companies worldwide. This is because there are bugs within their software that can be exploited and these bugs or vulnerabilities are being sold to government agencies who can then exploit them at a later date.

The type of vulnerabilities being sold are called “zero-day exploits.” This means the original software builder and company using the software has no idea there is a problem and has no way to protect themselves from an attack.

These researchers make their living my finding these flaws. The kicker is that they don’t tell the company using the software of the bug in order to fix it, as was the case a couple years back where they could fix the problem at hand and make the software more secure, but now they are keeping this information secret and selling it to other companies who can exploit it later.

With the growing market of selling vulnerabilities, U.S. security and the security of all citizens are at greater risk. The long term repercussions could be devastating as this information is sold and kept secret. It could be another way of spying, destroying defense systems, bank systems, and identities.